Description
The Easy Forms for Mailchimp WordPress plugin is prone to a code injection vulnerability because the application fails to sanitize user-supplied input. An attacker can exploit this issue to inject and execute arbitrary PHP code within the context of the affected web server process. Version 6.5.2 of the plugin is vulnerable; prior versions may also be affected.
Remediation
Update the plugin to version 6.5.3 or the latest release.